無法提取證書（錯誤-26275）

Question

我有支持NSURLConnection的UIWebView。我想添加證書。當我想從證書中提取身份和信任OSStatus返回錯誤-26275。你有什麼想法如何使它正確嗎？下面的代碼：

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { 
NSError *error = nil; 
NSString *path = [[NSBundle mainBundle] pathForResource:[@"xxxx.pem" stringByDeletingPathExtension] ofType:[@"xxxx.pem" pathExtension]]; 
NSData *certData = [[NSData alloc] initWithContentsOfFile:path options:0 error:&error]; 
CFDataRef inP12data = (__bridge CFDataRef)certData; 
SecIdentityRef identity; 
SecTrustRef trust; 


OSStatus status = extractIdentityAndTrust(inP12data, &identity, &trust); 
NSLog(@"status %d", (int)status); 
if(status == errSecSuccess) { 
    SecCertificateRef certificate; 
    SecIdentityCopyCertificate(identity, &certificate); 
    const void *certs[] = { certificate }; 
    CFArrayRef certsArray = CFArrayCreate(NULL, certs, 1, NULL); 
    NSArray *certificatesForCredential = (__bridge NSArray *)certsArray; 
    NSURLCredential *credential = [NSURLCredential credentialWithIdentity:identity 
                  certificates:certificatesForCredential 
                   persistence:NSURLCredentialPersistencePermanent]; 
    [challenge.sender useCredential:credential forAuthenticationChallenge:challenge]; 
    CFRelease(identity); 
    CFRelease(certificate); 
    CFRelease(certsArray); 
} 
else { 
    [challenge.sender cancelAuthenticationChallenge:challenge]; 
} 


} 

和extractIdentityAndTrust功能：

OSStatus extractIdentityAndTrust(CFDataRef inPKCS12Data, SecIdentityRef *identity, SecTrustRef *trust){ 
OSStatus securityError = errSecSuccess; 


CFStringRef password = CFSTR("XXXXX"); 
const void *keys[] = { kSecImportExportPassphrase }; 
const void *values[] = { password }; 
CFDictionaryRef optionsDictionary = CFDictionaryCreate(
                 NULL, keys, 
                 values, 1, 
                 NULL, NULL); 
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL); 
securityError = SecPKCS12Import(inPKCS12Data, 
           optionsDictionary, 
           &items); 

if (securityError == 0) { 
    CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex (items, 0); 
    const void *tempIdentity = NULL; 
    tempIdentity = CFDictionaryGetValue (myIdentityAndTrust, 
             kSecImportItemIdentity); 
    *identity = (SecIdentityRef)tempIdentity; 
    const void *tempTrust = NULL; 
    tempTrust = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemTrust); 
    *trust = (SecTrustRef)tempTrust; 
} 

if (optionsDictionary) { 
    CFRelease(optionsDictionary); 
} 

return securityError; 
} 

Answer 1

正是有了證書的問題。我看着控制檯管理 - >設備 - >當前設備 - >控制檯，我看到：

Could not load download manifest with underlying error: Error Domain=NSURLErrorDomain Code=-1202 "Cannot connect to the Store" 

我剛剛安裝的證書，一切工作正常。方法如下：

NSString *rootCertPath = [[NSBundle mainBundle] pathForResource:@"XXXXX" ofType:@"pem"]; 
NSData *rootCertData = [NSData dataWithContentsOfFile:rootCertPath]; 

OSStatus err = noErr; 
SecCertificateRef rootCert = SecCertificateCreateWithData(kCFAllocatorDefault, (CFDataRef) rootCertData); 

CFTypeRef result; 

NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys: 
(id)kSecClassCertificate, kSecClass, 
rootCert, kSecValueRef, 
nil]; 

err = SecItemAdd((CFDictionaryRef)dict, &result); 

if(err == noErr) { 
    NSLog(@"Install root certificate success"); 
} else if(err == errSecDuplicateItem) { 
    NSLog(@"duplicate root certificate entry"); 
} else { 
    NSLog(@"install root certificate failure"); 
}